package com.kingsoft.miot.bridge.authority;

import java.util.List;

import org.apache.commons.collections4.CollectionUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import com.kingsoft.miot.bridge.pojo.manager.ActionGroupRecord;
import com.kingsoft.miot.bridge.pojo.manager.GroupInfo;
import com.kingsoft.miot.bridge.pojo.manager.ManagerInfo;
import com.kingsoft.miot.bridge.service.manager.ActionGroupRecordService;
import com.kingsoft.miot.bridge.service.manager.GroupInfoService;
import com.kingsoft.miot.bridge.service.manager.ManagerService;

/**
 * 自定义 Realm
 * 
 * @author HUJIANQING
 *
 */
//@Component
//public class CustomRealm extends AuthorizingRealm {
//
//	private static final Logger LOGGER = LoggerFactory.getLogger(CustomRealm.class);
//
//	@Autowired
//	private ManagerService managerService;
//
//	@Autowired
//	private GroupInfoService groupInfoService;
//
//	@Autowired
//	private ActionGroupRecordService actionGroupRecordService;
//
//	/**
//	 * 获取身份验证信息 Shiro中，最终是通过 Realm 来获取应用程序中的用户、角色及权限信息的。
//	 *
//	 * @param authenticationToken 用户身份信息 token
//	 * @return 返回封装了用户信息的 AuthenticationInfo 实例
//	 */
//	@Override
//	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
//			throws AuthenticationException {
////        System.out.println("————身份认证方法————");
//		UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
//		// 从数据库获取对应用户名密码的用户
////        String password = userMapper.getPassword(token.getUsername());
//		// 通过邮箱获取信息用户信息
//		ManagerInfo managerInfo = managerService.getManagerInfoById(Integer.valueOf(token.getUsername()));
//		String password = managerInfo.getManager_info_password();
//		if (null == password) {
//			throw new AccountException("用户名不正确");
//		} else if (!password.equals(new String((char[]) token.getCredentials()))) {
//			throw new AccountException("密码不正确");
//		}
//		return new SimpleAuthenticationInfo(token.getPrincipal(), password, getName());
//	}
//
//	/**
//	 * 获取授权信息
//	 *
//	 * @param principalCollection
//	 * @return
//	 */
//	@Override
//	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
//		LOGGER.info("进行权限验证。");
//		String username = (String) SecurityUtils.getSubject().getPrincipal();
//		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
//		ManagerInfo managerInfo = managerService.getManagerInfoById(Integer.valueOf(username));
//		/**
//		 * 设置用户角色和权限
//		 */
//		// 获得该用户角色 并设置角色
//		
//		System.out.println(managerInfo.toString());
//		int groupId = managerInfo.getGroup_info_id();
//		GroupInfo groupInfo = groupInfoService.getById(groupId);
//		String role = groupInfo.getGroup_info_code();
////		Set<String> set = new HashSet<>();
////		set.add(role);
////		info.setRoles(set);
//		System.out.println(role);
//		info.addRole(role);
//		// 设置角色相关的权限列表
//		List<ActionGroupRecord> actionGroupList = actionGroupRecordService.getByGroupId(managerInfo.getGroup_info_id());
//		if (CollectionUtils.isEmpty(actionGroupList)) {
//			return info;
//		}
//		for (ActionGroupRecord actionGroupRecord : actionGroupList) {
//			// permission
//			String action_info_code = actionGroupRecord.getAction_info_code();
//			System.out.println(managerInfo.getManager_info_id() + " : " + action_info_code);
//			// 添加权限代码
//			info.addStringPermission(action_info_code);
//		}
//		return info;
//	}
//}
